Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@stacks/encryption
Advanced tools
@stacks/encryption - npm Package Compare versions
Comparing version 6.17.0 to 7.0.0-next.70
@@ -21,3 +21,2 @@ export type CipherTextEncoding = 'hex' | 'base64'; | ||
| export declare function hmacSha256(key: Uint8Array, content: Uint8Array): Uint8Array; | ||
| export declare function getHexFromBN(bnInput: bigint): string; | ||
| export declare function getBytesFromBN(bnInput: bigint): Uint8Array; | ||
@@ -24,0 +23,0 @@ export declare function getCipherObjectWrapper(opts: { |
@@ -100,3 +100,3 @@ "use strict"; | ||
| else { | ||
| throw new Error('Generated a > 32-byte BN for encryption. Failing.'); | ||
| throw new Error('Generated a > 32-byte bigint for encryption. Failing.'); | ||
| } | ||
@@ -103,0 +103,0 @@ } |
@@ -21,3 +21,2 @@ export type CipherTextEncoding = 'hex' | 'base64'; | ||
| export declare function hmacSha256(key: Uint8Array, content: Uint8Array): Uint8Array; | ||
| export declare function getHexFromBN(bnInput: bigint): string; | ||
| export declare function getBytesFromBN(bnInput: bigint): Uint8Array; | ||
@@ -24,0 +23,0 @@ export declare function getCipherObjectWrapper(opts: { |
@@ -95,3 +95,3 @@ import { hmac } from '@noble/hashes/hmac'; | ||
| else { | ||
| throw new Error('Generated a > 32-byte BN for encryption. Failing.'); | ||
| throw new Error('Generated a > 32-byte bigint for encryption. Failing.'); | ||
| } | ||
@@ -98,0 +98,0 @@ } |
@@ -0,1 +1,2 @@ | ||
| import { PrivateKey } from '@stacks/common'; | ||
| export declare function makeECPrivateKey(): string; | ||
@@ -9,5 +10,3 @@ export declare function base58CheckDecode(btcAddress: string): { | ||
| export declare function publicKeyToBtcAddress(publicKey: string | Uint8Array, version?: number): string; | ||
| export declare function getPublicKeyFromPrivate(privateKey: string | Uint8Array): string; | ||
| export declare function ecSign(messageHash: Uint8Array, hexPrivateKey: string | Uint8Array): Uint8Array; | ||
| export declare function isValidPrivateKey(privateKey: string | Uint8Array): boolean; | ||
| export declare function compressPrivateKey(privateKey: string | Uint8Array): Uint8Array; | ||
| export declare function getPublicKeyFromPrivate(privateKey: PrivateKey): string; | ||
| export declare function ecSign(messageHash: Uint8Array, privateKey: PrivateKey): Uint8Array; |
| import { hmac } from '@noble/hashes/hmac'; | ||
| import { sha256 } from '@noble/hashes/sha256'; | ||
| import { getPublicKey as nobleGetPublicKey, signSync, utils } from '@noble/secp256k1'; | ||
| import { bytesToHex, concatBytes, hexToBytes, privateKeyToBytes, PRIVATE_KEY_COMPRESSED_LENGTH, readUInt8, } from '@stacks/common'; | ||
| import { bytesToHex, concatBytes, hexToBytes, privateKeyToBytes, readUInt8, } from '@stacks/common'; | ||
| import base58 from 'bs58'; | ||
@@ -50,16 +50,7 @@ import { hashRipemd160 } from './hashRipemd160'; | ||
| } | ||
| export function ecSign(messageHash, hexPrivateKey) { | ||
| return signSync(messageHash, privateKeyToBytes(hexPrivateKey).slice(0, 32), { | ||
| export function ecSign(messageHash, privateKey) { | ||
| return signSync(messageHash, privateKeyToBytes(privateKey).slice(0, 32), { | ||
| der: false, | ||
| }); | ||
| } | ||
| export function isValidPrivateKey(privateKey) { | ||
| return utils.isValidPrivateKey(privateKeyToBytes(privateKey)); | ||
| } | ||
| export function compressPrivateKey(privateKey) { | ||
| const privateKeyBytes = privateKeyToBytes(privateKey); | ||
| return privateKeyBytes.length == PRIVATE_KEY_COMPRESSED_LENGTH | ||
| ? privateKeyBytes | ||
| : concatBytes(privateKeyBytes, new Uint8Array([1])); | ||
| } | ||
| //# sourceMappingURL=keys.js.map |
| import { GetRandomBytes } from './cryptoRandom'; | ||
| import { TriplesecDecryptSignature } from './cryptoUtils'; | ||
| export declare function encryptMnemonic(phrase: string, password: string, opts?: { | ||
| getRandomBytes?: GetRandomBytes; | ||
| }): Promise<Uint8Array>; | ||
| export declare function decryptMnemonic(data: string | Uint8Array, password: string, triplesecDecrypt?: TriplesecDecryptSignature): Promise<string>; | ||
| export declare function decryptMnemonic(data: string | Uint8Array, password: string): Promise<string>; |
@@ -1,9 +0,9 @@ | ||
| import { validateMnemonic, mnemonicToEntropy, entropyToMnemonic } from '@scure/bip39'; | ||
| import { entropyToMnemonic, mnemonicToEntropy, validateMnemonic } from '@scure/bip39'; | ||
| import { wordlist } from '@scure/bip39/wordlists/english'; | ||
| import { bytesToHex, concatBytes, equals, hexToBytes } from '@stacks/common'; | ||
| import { createCipher } from './aesCipher'; | ||
| import { randomBytes } from './cryptoRandom'; | ||
| import { hmacSha256 } from './ec'; | ||
| import { createPbkdf2 } from './pbkdf2'; | ||
| import { createSha2Hash } from './sha2Hash'; | ||
| import { createCipher } from './aesCipher'; | ||
| import { createPbkdf2 } from './pbkdf2'; | ||
| import { bytesToHex, bytesToUtf8, concatBytes, equals, hexToBytes, utf8ToBytes, } from '@stacks/common'; | ||
| import { hmacSha256 } from './ec'; | ||
| export async function encryptMnemonic(phrase, password, opts) { | ||
@@ -31,4 +31,3 @@ let mnemonicEntropy; | ||
| const hmacDigest = hmacSha256(macKey, hmacPayload); | ||
| const payload = concatBytes(salt, hmacDigest, cipherText); | ||
| return payload; | ||
| return concatBytes(salt, hmacDigest, cipherText); | ||
| } | ||
@@ -70,32 +69,6 @@ class PasswordError extends Error { | ||
| } | ||
| function decryptLegacy(dataBytes, password, triplesecDecrypt) { | ||
| return new Promise((resolve, reject) => { | ||
| if (!triplesecDecrypt) { | ||
| reject(new Error('The `triplesec.decrypt` function must be provided')); | ||
| } | ||
| triplesecDecrypt({ | ||
| key: utf8ToBytes(password), | ||
| data: dataBytes, | ||
| }, (err, plaintextBytes) => { | ||
| if (!err) { | ||
| resolve(plaintextBytes); | ||
| } | ||
| else { | ||
| reject(err); | ||
| } | ||
| }); | ||
| }); | ||
| } | ||
| export async function decryptMnemonic(data, password, triplesecDecrypt) { | ||
| export async function decryptMnemonic(data, password) { | ||
| const dataBytes = typeof data === 'string' ? hexToBytes(data) : data; | ||
| try { | ||
| return await decryptMnemonicBytes(dataBytes, password); | ||
| } | ||
| catch (error) { | ||
| if (error instanceof PasswordError) | ||
| throw error; | ||
| const data = await decryptLegacy(dataBytes, password, triplesecDecrypt); | ||
| return bytesToUtf8(data); | ||
| } | ||
| return await decryptMnemonicBytes(dataBytes, password); | ||
| } | ||
| //# sourceMappingURL=wallet.js.map |
@@ -0,1 +1,2 @@ | ||
| import { PrivateKey } from '@stacks/common'; | ||
| export declare function makeECPrivateKey(): string; | ||
@@ -9,5 +10,3 @@ export declare function base58CheckDecode(btcAddress: string): { | ||
| export declare function publicKeyToBtcAddress(publicKey: string | Uint8Array, version?: number): string; | ||
| export declare function getPublicKeyFromPrivate(privateKey: string | Uint8Array): string; | ||
| export declare function ecSign(messageHash: Uint8Array, hexPrivateKey: string | Uint8Array): Uint8Array; | ||
| export declare function isValidPrivateKey(privateKey: string | Uint8Array): boolean; | ||
| export declare function compressPrivateKey(privateKey: string | Uint8Array): Uint8Array; | ||
| export declare function getPublicKeyFromPrivate(privateKey: PrivateKey): string; | ||
| export declare function ecSign(messageHash: Uint8Array, privateKey: PrivateKey): Uint8Array; |
@@ -6,3 +6,3 @@ "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.compressPrivateKey = exports.isValidPrivateKey = exports.ecSign = exports.getPublicKeyFromPrivate = exports.publicKeyToBtcAddress = exports.base58CheckEncode = exports.base58Encode = exports.base58CheckDecode = exports.makeECPrivateKey = void 0; | ||
| exports.ecSign = exports.getPublicKeyFromPrivate = exports.publicKeyToBtcAddress = exports.base58CheckEncode = exports.base58Encode = exports.base58CheckDecode = exports.makeECPrivateKey = void 0; | ||
| const hmac_1 = require("@noble/hashes/hmac"); | ||
@@ -63,4 +63,4 @@ const sha256_1 = require("@noble/hashes/sha256"); | ||
| exports.getPublicKeyFromPrivate = getPublicKeyFromPrivate; | ||
| function ecSign(messageHash, hexPrivateKey) { | ||
| return (0, secp256k1_1.signSync)(messageHash, (0, common_1.privateKeyToBytes)(hexPrivateKey).slice(0, 32), { | ||
| function ecSign(messageHash, privateKey) { | ||
| return (0, secp256k1_1.signSync)(messageHash, (0, common_1.privateKeyToBytes)(privateKey).slice(0, 32), { | ||
| der: false, | ||
@@ -70,13 +70,2 @@ }); | ||
| exports.ecSign = ecSign; | ||
| function isValidPrivateKey(privateKey) { | ||
| return secp256k1_1.utils.isValidPrivateKey((0, common_1.privateKeyToBytes)(privateKey)); | ||
| } | ||
| exports.isValidPrivateKey = isValidPrivateKey; | ||
| function compressPrivateKey(privateKey) { | ||
| const privateKeyBytes = (0, common_1.privateKeyToBytes)(privateKey); | ||
| return privateKeyBytes.length == common_1.PRIVATE_KEY_COMPRESSED_LENGTH | ||
| ? privateKeyBytes | ||
| : (0, common_1.concatBytes)(privateKeyBytes, new Uint8Array([1])); | ||
| } | ||
| exports.compressPrivateKey = compressPrivateKey; | ||
| //# sourceMappingURL=keys.js.map |
| import { GetRandomBytes } from './cryptoRandom'; | ||
| import { TriplesecDecryptSignature } from './cryptoUtils'; | ||
| export declare function encryptMnemonic(phrase: string, password: string, opts?: { | ||
| getRandomBytes?: GetRandomBytes; | ||
| }): Promise<Uint8Array>; | ||
| export declare function decryptMnemonic(data: string | Uint8Array, password: string, triplesecDecrypt?: TriplesecDecryptSignature): Promise<string>; | ||
| export declare function decryptMnemonic(data: string | Uint8Array, password: string): Promise<string>; |
@@ -6,8 +6,8 @@ "use strict"; | ||
| const english_1 = require("@scure/bip39/wordlists/english"); | ||
| const common_1 = require("@stacks/common"); | ||
| const aesCipher_1 = require("./aesCipher"); | ||
| const cryptoRandom_1 = require("./cryptoRandom"); | ||
| const ec_1 = require("./ec"); | ||
| const pbkdf2_1 = require("./pbkdf2"); | ||
| const sha2Hash_1 = require("./sha2Hash"); | ||
| const aesCipher_1 = require("./aesCipher"); | ||
| const pbkdf2_1 = require("./pbkdf2"); | ||
| const common_1 = require("@stacks/common"); | ||
| const ec_1 = require("./ec"); | ||
| async function encryptMnemonic(phrase, password, opts) { | ||
@@ -35,4 +35,3 @@ let mnemonicEntropy; | ||
| const hmacDigest = (0, ec_1.hmacSha256)(macKey, hmacPayload); | ||
| const payload = (0, common_1.concatBytes)(salt, hmacDigest, cipherText); | ||
| return payload; | ||
| return (0, common_1.concatBytes)(salt, hmacDigest, cipherText); | ||
| } | ||
@@ -75,33 +74,7 @@ exports.encryptMnemonic = encryptMnemonic; | ||
| } | ||
| function decryptLegacy(dataBytes, password, triplesecDecrypt) { | ||
| return new Promise((resolve, reject) => { | ||
| if (!triplesecDecrypt) { | ||
| reject(new Error('The `triplesec.decrypt` function must be provided')); | ||
| } | ||
| triplesecDecrypt({ | ||
| key: (0, common_1.utf8ToBytes)(password), | ||
| data: dataBytes, | ||
| }, (err, plaintextBytes) => { | ||
| if (!err) { | ||
| resolve(plaintextBytes); | ||
| } | ||
| else { | ||
| reject(err); | ||
| } | ||
| }); | ||
| }); | ||
| } | ||
| async function decryptMnemonic(data, password, triplesecDecrypt) { | ||
| async function decryptMnemonic(data, password) { | ||
| const dataBytes = typeof data === 'string' ? (0, common_1.hexToBytes)(data) : data; | ||
| try { | ||
| return await decryptMnemonicBytes(dataBytes, password); | ||
| } | ||
| catch (error) { | ||
| if (error instanceof PasswordError) | ||
| throw error; | ||
| const data = await decryptLegacy(dataBytes, password, triplesecDecrypt); | ||
| return (0, common_1.bytesToUtf8)(data); | ||
| } | ||
| return await decryptMnemonicBytes(dataBytes, password); | ||
| } | ||
| exports.decryptMnemonic = decryptMnemonic; | ||
| //# sourceMappingURL=wallet.js.map |
| { | ||
| "name": "@stacks/encryption", | ||
| "version": "6.17.0", | ||
| "version": "7.0.0-next.70+0adf46c4", | ||
| "description": "Encryption utilities for Stacks", | ||
@@ -26,4 +26,3 @@ "license": "MIT", | ||
| "@scure/bip39": "1.1.0", | ||
| "@stacks/common": "^6.16.0", | ||
| "@types/node": "^18.0.4", | ||
| "@stacks/common": "^7.0.0-next.70+0adf46c4", | ||
| "base64-js": "^1.5.1", | ||
@@ -36,7 +35,8 @@ "bs58": "^5.0.0", | ||
| "@peculiar/webcrypto": "^1.1.6", | ||
| "@stacks/transactions": "^6.17.0", | ||
| "@stacks/network": "^7.0.0-next.70+0adf46c4", | ||
| "@stacks/transactions": "^7.0.0-next.70+0adf46c4", | ||
| "@types/bs58check": "^2.1.0", | ||
| "@types/elliptic": "^6.4.12", | ||
| "@types/node": "^18.0.4", | ||
| "@types/sha.js": "^2.4.0", | ||
| "@types/triplesec": "^3.0.0", | ||
| "bitcoinjs-lib": "^5.2.0", | ||
@@ -49,4 +49,3 @@ "bs58check": "^2.1.2", | ||
| "rimraf": "^3.0.2", | ||
| "stream-browserify": "^3.0.0", | ||
| "triplesec": "^4.0.3" | ||
| "stream-browserify": "^3.0.0" | ||
| }, | ||
@@ -73,3 +72,3 @@ "sideEffects": false, | ||
| }, | ||
| "gitHead": "626e1ca12e300838504dc35b32bfae7a0ebfe109" | ||
| "gitHead": "0adf46c4eadac85f234140dc2df0e5d06b0ca775" | ||
| } |
@@ -206,3 +206,3 @@ import { hmac } from '@noble/hashes/hmac'; | ||
| * The result string is zero padded and always 64 characters in length. | ||
| * @ignore | ||
| * @ignore @internal | ||
| */ | ||
@@ -219,3 +219,3 @@ export function getHexFromBN(bnInput: bigint): string { | ||
| } else { | ||
| throw new Error('Generated a > 32-byte BN for encryption. Failing.'); | ||
| throw new Error('Generated a > 32-byte bigint for encryption. Failing.'); | ||
| } | ||
@@ -222,0 +222,0 @@ } |
@@ -5,2 +5,3 @@ import { hmac } from '@noble/hashes/hmac'; | ||
| import { | ||
| PrivateKey, | ||
| bytesToHex, | ||
@@ -10,3 +11,2 @@ concatBytes, | ||
| privateKeyToBytes, | ||
| PRIVATE_KEY_COMPRESSED_LENGTH, | ||
| readUInt8, | ||
@@ -101,3 +101,3 @@ } from '@stacks/common'; | ||
| */ | ||
| export function getPublicKeyFromPrivate(privateKey: string | Uint8Array): string { | ||
| export function getPublicKeyFromPrivate(privateKey: PrivateKey): string { | ||
| const privateKeyBytes = privateKeyToBytes(privateKey); | ||
@@ -111,24 +111,6 @@ // for backwards compatibility we always return a compressed public key, regardless of private key mode | ||
| */ | ||
| export function ecSign(messageHash: Uint8Array, hexPrivateKey: string | Uint8Array) { | ||
| return signSync(messageHash, privateKeyToBytes(hexPrivateKey).slice(0, 32), { | ||
| export function ecSign(messageHash: Uint8Array, privateKey: PrivateKey) { | ||
| return signSync(messageHash, privateKeyToBytes(privateKey).slice(0, 32), { | ||
| der: false, | ||
| }); | ||
| } | ||
| /** | ||
| * @ignore | ||
| */ | ||
| export function isValidPrivateKey(privateKey: string | Uint8Array): boolean { | ||
| return utils.isValidPrivateKey(privateKeyToBytes(privateKey)); | ||
| } | ||
| /** | ||
| * @ignore | ||
| */ | ||
| export function compressPrivateKey(privateKey: string | Uint8Array): Uint8Array { | ||
| const privateKeyBytes = privateKeyToBytes(privateKey); | ||
| return privateKeyBytes.length == PRIVATE_KEY_COMPRESSED_LENGTH | ||
| ? privateKeyBytes // leave compressed | ||
| : concatBytes(privateKeyBytes, new Uint8Array([1])); // compress | ||
| } |
@@ -1,4 +0,2 @@ | ||
| // https://github.com/paulmillr/scure-bip39 | ||
| // Secure, audited & minimal implementation of BIP39 mnemonic phrases. | ||
| import { validateMnemonic, mnemonicToEntropy, entropyToMnemonic } from '@scure/bip39'; | ||
| import { entropyToMnemonic, mnemonicToEntropy, validateMnemonic } from '@scure/bip39'; | ||
| // Word lists not imported by default as that would increase bundle sizes too much as in case of bitcoinjs/bip39 | ||
@@ -10,16 +8,8 @@ // Use default english world list similar to bitcoinjs/bip39 | ||
| import { wordlist } from '@scure/bip39/wordlists/english'; | ||
| import { randomBytes, GetRandomBytes } from './cryptoRandom'; | ||
| import { createSha2Hash } from './sha2Hash'; | ||
| import { bytesToHex, concatBytes, equals, hexToBytes } from '@stacks/common'; | ||
| import { createCipher } from './aesCipher'; | ||
| import { GetRandomBytes, randomBytes } from './cryptoRandom'; | ||
| import { hmacSha256 } from './ec'; | ||
| import { createPbkdf2 } from './pbkdf2'; | ||
| import { TriplesecDecryptSignature } from './cryptoUtils'; | ||
| import { | ||
| bytesToHex, | ||
| bytesToUtf8, | ||
| concatBytes, | ||
| equals, | ||
| hexToBytes, | ||
| utf8ToBytes, | ||
| } from '@stacks/common'; | ||
| import { hmacSha256 } from './ec'; | ||
| import { createSha2Hash } from './sha2Hash'; | ||
@@ -71,4 +61,3 @@ /** | ||
| const payload = concatBytes(salt, hmacDigest, cipherText); | ||
| return payload; | ||
| return concatBytes(salt, hmacDigest, cipherText); | ||
| } | ||
@@ -128,36 +117,3 @@ | ||
| /** | ||
| * Decrypt legacy triplesec keys | ||
| * @param {Uint8Array} dataBytes - The encrypted key | ||
| * @param {String} password - Password for data | ||
| * @return {Promise<BuUint8Arrayffer>} Decrypted seed | ||
| * @ignore | ||
| */ | ||
| function decryptLegacy( | ||
| dataBytes: Uint8Array, | ||
| password: string, | ||
| triplesecDecrypt?: TriplesecDecryptSignature | ||
| ): Promise<Uint8Array> { | ||
| return new Promise<Uint8Array>((resolve, reject) => { | ||
| if (!triplesecDecrypt) { | ||
| reject(new Error('The `triplesec.decrypt` function must be provided')); | ||
| } | ||
| triplesecDecrypt!( | ||
| { | ||
| key: utf8ToBytes(password), | ||
| data: dataBytes, | ||
| }, | ||
| (err, plaintextBytes) => { | ||
| if (!err) { | ||
| resolve(plaintextBytes!); | ||
| } else { | ||
| reject(err); | ||
| } | ||
| } | ||
| ); | ||
| }); | ||
| } | ||
| /** | ||
| * Decrypt an encrypted mnemonic phrase with a password. | ||
| * Legacy triplesec encrypted payloads are also supported. | ||
| * @param data - Bytes or hex-encoded string of the encrypted mnemonic | ||
@@ -170,13 +126,6 @@ * @param password - Password for data | ||
| data: string | Uint8Array, | ||
| password: string, | ||
| triplesecDecrypt?: TriplesecDecryptSignature | ||
| password: string | ||
| ): Promise<string> { | ||
| const dataBytes = typeof data === 'string' ? hexToBytes(data) : data; | ||
| try { | ||
| return await decryptMnemonicBytes(dataBytes, password); | ||
| } catch (error) { | ||
| if (error instanceof PasswordError) throw error; | ||
| const data = await decryptLegacy(dataBytes, password, triplesecDecrypt); | ||
| return bytesToUtf8(data); | ||
| } | ||
| return await decryptMnemonicBytes(dataBytes, password); | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Dependency count
- decreased by-11.11%
8
Worsened metrics
- Total package byte prevSize
- decreased by-2.03%
665218
- Lines of code
- decreased by-3.7%
3878
- Number of low quality alerts
- increased byInfinity%
1
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Added@stacks/common@7.0.2(transitive)
- Removed@types/node@^18.0.4
- Removed@stacks/common@6.16.0(transitive)
- Removed@types/bn.js@5.1.6(transitive)
- Removed@types/node@18.19.65(transitive)
- Removedundici-types@5.26.5(transitive)